ee37e169f9e35aee337de2471b1fbb57bf83654330854896001bed76210c64e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-05_827cd6179e9a6c20a25141afe0cd39f3_cryptolocker_JC.exe
Size

66KB
Sample

231031-1jqazagc54
MD5

827cd6179e9a6c20a25141afe0cd39f3
SHA1

84f325c7e9922fcc82938ca5a1ed8eab55131a5e
SHA256

ee37e169f9e35aee337de2471b1fbb57bf83654330854896001bed76210c64e7
SHA512

6f1a4723f329baeffc9821c81d3c21d2101d5530156348d3a76a55409a5f347499dbab1020132efea4f01a9a68e83f52a81492d6336c8829b3d14a8b53e16026
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/RQ:vj+jsMQMOtEvwDpj5HZYTjipvF24I

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-05_827cd6179e9a6c20a25141afe0cd39f3_cryptolocker_JC.exe
- Size
  
  66KB
- MD5
  
  827cd6179e9a6c20a25141afe0cd39f3
- SHA1
  
  84f325c7e9922fcc82938ca5a1ed8eab55131a5e
- SHA256
  
  ee37e169f9e35aee337de2471b1fbb57bf83654330854896001bed76210c64e7
- SHA512
  
  6f1a4723f329baeffc9821c81d3c21d2101d5530156348d3a76a55409a5f347499dbab1020132efea4f01a9a68e83f52a81492d6336c8829b3d14a8b53e16026
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/RQ:vj+jsMQMOtEvwDpj5HZYTjipvF24I
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2